36 if (rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_UDP ||
37 rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_UDP6) {
39 }
else if (rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TCP ||
40 rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TCP6) {
42 }
else if (rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TLS ||
43 rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TLS6) {
45 }
else if (!strcasecmp(rdata->tp_info.transport->type_name,
"WS")) {
47 }
else if (!strcasecmp(rdata->tp_info.transport->type_name,
"WSS")) {
56 char host[NI_MAXHOST];
60 ast_copy_pj_str(host, &rdata->tp_info.transport->local_name.host,
sizeof(host));
78 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
84 .common.service =
"PJSIP",
85 .common.account_id =
name,
86 .common.local_addr = {
88 .transport = transport,
90 .common.remote_addr = {
92 .transport = transport,
94 .common.session_id = call_id,
105 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
111 .common.service =
"PJSIP",
113 .common.local_addr = {
115 .transport = transport,
117 .common.remote_addr = {
119 .transport = transport,
121 .common.session_id = call_id,
132 pjsip_authorization_hdr *auth = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_AUTHORIZATION,
NULL);
134 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
135 char nonce[64] =
"", response[256] =
"";
141 .common.service =
"PJSIP",
143 .common.local_addr = {
145 .transport = transport,
147 .common.remote_addr = {
149 .transport = transport,
151 .common.session_id = call_id,
155 .expected_response =
"",
158 if (auth && !pj_strcmp2(&auth->scheme,
"Digest")) {
170 pjsip_authorization_hdr *auth = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_AUTHORIZATION,
NULL);
172 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
178 .common.service =
"PJSIP",
180 .common.local_addr = {
182 .transport = transport,
184 .common.remote_addr = {
186 .transport = transport,
188 .common.session_id = call_id,
189 .using_password = auth ? 1 : 0,
199 pjsip_www_authenticate_hdr *auth = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_WWW_AUTHENTICATE,
NULL);
201 char nonce[64] =
"", call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
207 .common.service =
"PJSIP",
209 .common.local_addr = {
211 .transport = transport,
213 .common.remote_addr = {
215 .transport = transport,
217 .common.session_id = call_id,
221 if (auth && !pj_strcmp2(&auth->scheme,
"digest")) {
231 const char* req_type)
234 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
240 .common.service =
"PJSIP",
242 .common.local_addr = {
244 .transport = transport,
246 .common.remote_addr = {
248 .transport = transport,
250 .common.session_id = call_id,
251 .request_type = req_type
262 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
268 .common.service =
"PJSIP",
270 .common.local_addr = {
272 .transport = transport,
274 .common.remote_addr = {
276 .transport = transport,
278 .common.session_id = call_id
Asterisk main include file. File version handling, generic pbx functions.
int ast_sockaddr_parse(struct ast_sockaddr *addr, const char *str, int flags)
Parse an IPv4 or IPv6 address string.
#define ast_sockaddr_set_port(addr, port)
Sets the port number of a socket address.
static const char * get_account_id(struct ast_sip_endpoint *endpoint)
void ast_sip_report_mem_limit(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when a memory limit is hit.
void ast_sip_report_req_no_support(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, const char *req_type)
Send a security event notification for when a request is not supported.
void ast_sip_report_auth_success(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when authentication succeeds.
static void security_event_populate(pjsip_rx_data *rdata, char *call_id, size_t call_id_size, struct ast_sockaddr *local, struct ast_sockaddr *remote)
void ast_sip_report_auth_challenge_sent(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, pjsip_tx_data *tdata)
Send a security event notification for when an authentication challenge is sent.
static enum ast_transport security_event_get_transport(pjsip_rx_data *rdata)
void ast_sip_report_invalid_endpoint(const char *name, pjsip_rx_data *rdata)
Send a security event notification for when an invalid endpoint is requested.
void ast_sip_report_auth_failed_challenge_response(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when a challenge response has failed.
void ast_sip_report_failed_acl(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, const char *name)
Send a security event notification for when an ACL check fails.
struct ast_sip_endpoint * ast_sip_get_artificial_endpoint(void)
Retrieves a reference to the artificial endpoint.
void ast_copy_pj_str(char *dest, const pj_str_t *src, size_t size)
Copy a pj_str_t into a standard character buffer.
Security Event Reporting API.
int ast_security_event_report(const struct ast_security_event_common *sec)
Report a security event.
#define AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_MEM_LIMIT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_FAILED_ACL_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION
Event descriptor version.
@ AST_SECURITY_EVENT_REQ_NO_SUPPORT
A request was made that we understand, but do not support.
@ AST_SECURITY_EVENT_FAILED_ACL
Failed ACL.
@ AST_SECURITY_EVENT_MEM_LIMIT
Memory limit reached.
@ AST_SECURITY_EVENT_CHAL_SENT
Challenge was sent out, informational.
@ AST_SECURITY_EVENT_CHAL_RESP_FAILED
An attempt at challenge/response authentication failed.
@ AST_SECURITY_EVENT_SUCCESSFUL_AUTH
FYI FWIW, Successful authentication has occurred.
@ AST_SECURITY_EVENT_INVAL_ACCT_ID
Invalid Account ID.
#define AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_CHAL_SENT_VERSION
Event descriptor version.
const char * ast_sorcery_object_get_id(const void *object)
Get the unique identifier of a sorcery object.
An attempt at challenge/response auth failed.
const char * response
Response received.
struct ast_security_event_common common
Common security event descriptor elements.
A challenge was sent out.
struct ast_security_event_common common
Common security event descriptor elements.
enum ast_security_event_type event_type
The security event sub-type.
Checking against an IP access control list failed.
struct ast_security_event_common common
Common security event descriptor elements.
Invalid account ID specified (invalid username, for example)
struct ast_security_event_common common
Common security event descriptor elements.
Request denied because of a memory limit.
struct ast_security_event_common common
Common security event descriptor elements.
Request denied because we don't support it.
struct ast_security_event_common common
Common security event descriptor elements.
Successful authentication.
struct ast_security_event_common common
Common security event descriptor elements.
An entity with which Asterisk communicates.
Socket address structure.
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.